From: Geoff Thorpe Date: Sun, 8 Dec 2002 05:38:44 +0000 (+0000) Subject: Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are X-Git-Tag: STATE_after_zlib^2~1 X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=5daec7ea0ed73def95c65d4e23d1a22839355332 Undefine OPENSSL_NO_DEPRECATED inside openssl application code if we are being built with it defined - it is not a symbol to affect how openssl itself builds, but to alter the way openssl headers can be used from an API point of view. The "deprecated" function wrappers will always remain inside OpenSSL at least as long as they're still being used internally. :-) The exception is dsaparam which has been updated to the BN_GENCB-based functions to test the new functionality. If GENCB_TEST is defined, dsaparam will support a "-timebomb " switch to cancel parameter-generation if it gets as far as 'n' seconds without completion. --- diff --git a/apps/dsaparam.c b/apps/dsaparam.c index 320d76f632..63e2cab45f 100644 --- a/apps/dsaparam.c +++ b/apps/dsaparam.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_DSA #include #include @@ -82,9 +88,23 @@ * -C * -noout * -genkey + * #ifdef GENCB_TEST + * -timebomb n - interrupt keygen after seconds + * #endif */ -static void MS_CALLBACK dsa_cb(int p, int n, void *arg); +#ifdef GENCB_TEST + +static int stop_keygen_flag = 0; + +void timebomb_sigalarm(int foo) + { + stop_keygen_flag = 1; + } + +#endif + +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb); int MAIN(int, char **); @@ -99,6 +119,9 @@ int MAIN(int argc, char **argv) int numbits= -1,num,genkey=0; int need_rand=0; char *engine=NULL; +#ifdef GENCB_TEST + int timebomb=0; +#endif apps_startup(); @@ -144,6 +167,13 @@ int MAIN(int argc, char **argv) if (--argc < 1) goto bad; engine = *(++argv); } +#ifdef GENCB_TEST + else if(strcmp(*argv, "-timebomb") == 0) + { + if (--argc < 1) goto bad; + timebomb = atoi(*(++argv)); + } +#endif else if (strcmp(*argv,"-text") == 0) text=1; else if (strcmp(*argv,"-C") == 0) @@ -192,6 +222,9 @@ bad: BIO_printf(bio_err," -genkey generate a DSA key\n"); BIO_printf(bio_err," -rand files to use for random number input\n"); BIO_printf(bio_err," -engine e use engine e, possibly a hardware device.\n"); +#ifdef GENCB_TEST + BIO_printf(bio_err," -timebomb n interrupt keygen after seconds\n"); +#endif BIO_printf(bio_err," number number of bits to use for generating private key\n"); goto end; } @@ -247,10 +280,50 @@ bad: if (numbits > 0) { + BN_GENCB cb; + cb.ver = 2; + cb.cb_2 = dsa_cb; + cb.arg = bio_err; + assert(need_rand); + dsa = DSA_new(); + if(!dsa) + { + BIO_printf(bio_err,"Error allocating DSA object\n"); + goto end; + } BIO_printf(bio_err,"Generating DSA parameters, %d bit long prime\n",num); BIO_printf(bio_err,"This could take some time\n"); - dsa=DSA_generate_parameters(num,NULL,0,NULL,NULL, dsa_cb,bio_err); +#ifdef GENCB_TEST + if(timebomb > 0) + { + struct sigaction act; + act.sa_handler = timebomb_sigalarm; + act.sa_flags = 0; + BIO_printf(bio_err,"(though I'll stop it if not done within %d secs)\n", + timebomb); + if(sigaction(SIGALRM, &act, NULL) != 0) + { + BIO_printf(bio_err,"Error, couldn't set SIGALRM handler\n"); + goto end; + } + alarm(timebomb); + } +#endif + if(!DSA_generate_parameters_ex(dsa,num,NULL,0,NULL,NULL, &cb)) + { +#ifdef GENCB_TEST + if(stop_keygen_flag) + { + BIO_printf(bio_err,"DSA key generation time-stopped\n"); + /* This is an asked-for behaviour! */ + ret = 0; + goto end; + } +#endif + BIO_printf(bio_err,"Error, DSA key generation failed\n"); + goto end; + } } else if (informat == FORMAT_ASN1) dsa=d2i_DSAparams_bio(in,NULL); @@ -375,7 +448,7 @@ end: OPENSSL_EXIT(ret); } -static void MS_CALLBACK dsa_cb(int p, int n, void *arg) +static int MS_CALLBACK dsa_cb(int p, int n, BN_GENCB *cb) { char c='*'; @@ -383,10 +456,15 @@ static void MS_CALLBACK dsa_cb(int p, int n, void *arg) if (p == 1) c='+'; if (p == 2) c='*'; if (p == 3) c='\n'; - BIO_write(arg,&c,1); - (void)BIO_flush(arg); + BIO_write(cb->arg,&c,1); + (void)BIO_flush(cb->arg); #ifdef LINT p=n; #endif +#ifdef GENCB_TEST + if(stop_keygen_flag) + return 0; +#endif + return 1; } #endif diff --git a/apps/gendh.c b/apps/gendh.c index 98ee413c74..574a13a57a 100644 --- a/apps/gendh.c +++ b/apps/gendh.c @@ -57,6 +57,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_DH #include #include diff --git a/apps/genrsa.c b/apps/genrsa.c index dbc23e40aa..6079688ce9 100644 --- a/apps/genrsa.c +++ b/apps/genrsa.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #ifndef OPENSSL_NO_RSA #include #include diff --git a/apps/req.c b/apps/req.c index a582e69775..4dca798e4a 100644 --- a/apps/req.c +++ b/apps/req.c @@ -56,6 +56,12 @@ * [including the GNU Public Licence.] */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include diff --git a/apps/s_server.c b/apps/s_server.c index aa7ff66b70..39013c2b0b 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -114,6 +114,12 @@ * SUN MICROSYSTEMS, INC., and contributed to the OpenSSL project. */ +/* Until the key-gen callbacks are modified to use newer prototypes, we allow + * deprecated functions for openssl-internal code */ +#ifdef OPENSSL_NO_DEPRECATED +#undef OPENSSL_NO_DEPRECATED +#endif + #include #include #include